SELinux is preventing abrt-install-cc from write access on the file core_pipe_limit. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that abrt-install-cc should be allowed write access on the core_pipe_limit file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c 'abrt-install-cc' --raw | audit2allow -M my-abrtinstallcc # semodule -X 300 -i my-abrtinstallcc.pp Additional Information: Source Context system_u:system_r:abrt_t:s0-s0:c0.c1023 Target Context system_u:object_r:sysctl_kernel_t:s0 Target Objects core_pipe_limit [ file ] Source abrt-install-cc Source Path abrt-install-cc Port <Unknown> Host kvm-04-guest24.example.com Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.14.3-28.fc30.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name kvm-04-guest24.example.com Platform Linux kvm-04-guest24.example.com 5.0.7-300.fc30.x86_64 #1 SMP Mon Apr 8 18:28:09 UTC 2019 x86_64 x86_64 Alert Count 2 First Seen 2019-04-13 10:19:17 EDT Last Seen 2019-04-13 10:19:17 EDT Local ID 9b72f3e9-c848-4117-ab3f-49343b9de85f Raw Audit Messages type=AVC msg=audit(1555165157.501:40890): avc: denied { write } for pid=11322 comm="abrt-install-cc" name="core_pipe_limit" dev="proc" ino=111183 scontext=system_u:system_r:abrt_t:s0-s0:c0.c1023 tcontext=system_u:object_r:sysctl_kernel_t:s0 tclass=file permissive=0 Hash: abrt-install-cc,abrt_t,sysctl_kernel_t,file,write How to reproduce: systemct start abrtd abrt-ccpp
There is not any other AVC in permissive mode sh# ausearch -m avc -ts recent -i ---- type=AVC msg=audit(04/13/2019 10:19:17.501:40889) : avc: denied { write } for pid=11322 comm=abrt-install-cc name=core_pipe_limit dev="proc" ino=111183 scontext=system_u:system_r:abrt_t:s0-s0:c0.c1023 tcontext=system_u:object_r:sysctl_kernel_t:s0 tclass=file permissive=0 ---- type=AVC msg=audit(04/13/2019 10:19:17.501:40890) : avc: denied { write } for pid=11322 comm=abrt-install-cc name=core_pipe_limit dev="proc" ino=111183 scontext=system_u:system_r:abrt_t:s0-s0:c0.c1023 tcontext=system_u:object_r:sysctl_kernel_t:s0 tclass=file permissive=0 ---- type=AVC msg=audit(04/13/2019 10:22:35.412:40901) : avc: denied { write } for pid=11372 comm=abrt-install-cc name=core_pipe_limit dev="proc" ino=111183 scontext=system_u:system_r:abrt_t:s0-s0:c0.c1023 tcontext=system_u:object_r:sysctl_kernel_t:s0 tclass=file permissive=1
selinux-policy-3.14.3-31.fc30 has been submitted as an update to Fedora 30. https://bodhi.fedoraproject.org/updates/FEDORA-2019-3055c546d6
selinux-policy-3.14.3-31.fc30 has been pushed to the Fedora 30 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2019-3055c546d6
selinux-policy-3.14.3-31.fc30 has been pushed to the Fedora 30 stable repository. If problems still persist, please make note of it in this bug report.